In July 2023, Hackread.com reported, based on Microsoft’s findings, that Chinese hackers from the Storm-0558 ATP group had hacked European government emails. They accomplished this by using forged authentication tokens and an acquired Microsoft account (MSA) consumer signing key.
Source: HackRead